CN114362938B - Quantum communication key management dynamic route generation network architecture and method - Google Patents
Quantum communication key management dynamic route generation network architecture and method Download PDFInfo
- Publication number
- CN114362938B CN114362938B CN202111630087.7A CN202111630087A CN114362938B CN 114362938 B CN114362938 B CN 114362938B CN 202111630087 A CN202111630087 A CN 202111630087A CN 114362938 B CN114362938 B CN 114362938B
- Authority
- CN
- China
- Prior art keywords
- kms
- key
- information
- quantum
- alice
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000006854 communication Effects 0.000 title claims description 64
- 238000004891 communication Methods 0.000 title claims description 61
- 238000000034 method Methods 0.000 title claims description 19
- 238000001514 detection method Methods 0.000 claims description 11
- 230000008569 process Effects 0.000 claims description 10
- 230000002159 abnormal effect Effects 0.000 claims 2
- 230000005540 biological transmission Effects 0.000 abstract description 12
- 238000012545 processing Methods 0.000 description 5
- 230000005856 abnormality Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 230000008859 change Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 230000010287 polarization Effects 0.000 description 3
- 230000003068 static effect Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 239000000969 carrier Substances 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000005610 quantum mechanics Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000000630 rising effect Effects 0.000 description 1
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Optical Communication System (AREA)
Abstract
The invention discloses a key management dynamic route generation network architecture, which comprises Alice, bob, KM, KMS and QKD; the Alice, the KM and the Bob respectively communicate with the KMS through a classical network and report information, and after receiving the report information, the KMS establishes a network topological relation to generate a dynamic routing table; the Alice, the Bob and the KM are provided with one or more QKD, the Alice, the Bob and the KM communicate with each other through a classical network, and the QKD communicated with each other through a quantum channel; any two communicated Alice, bob and KM all have one party for generating a quantum key K, and the other party receives the quantum key K to form key sharing between the two parties. The KMS connects the network topology information of all nodes to form the topology information of the whole network, generates a routing table and accelerates the transmission rate of the information on the network.
Description
Technical Field
The invention relates to the field of quantum communication and collar key management, in particular to a key management dynamic route generation network architecture and method for quantum communication.
Background
With the rapid development of information technology and the rising and popularization of the internet, information plays an increasingly important role in daily life and work, and massive information is transferred in a communication network at any moment. Due to the openness of the internet and the great advantage of western developed countries in the field of information counting, eavesdroppers can intercept communication data by technical means.
In order to ensure the security of the information in the transmission process, the sender generally adopts an encryption algorithm and an encryption key to encrypt the information to be transmitted, converts the plaintext with definite meaning into nonsensical ciphertext, then sends the ciphertext to the receiver through the communication network, the receiver receives the ciphertext, and recovers the ciphertext into the plaintext through a decryption algorithm and a decryption key, wherein the process is secret communication, as shown in a secret communication system model of fig. 4.
The security of the secret communication depends on the security of the cryptographic algorithm, the key. Key algorithms are generally classified into public key cryptography and private key cryptography.
Quantum computers developed in recent years utilize the superposition characteristics of quantum states and parallelism of quantum operations. The powerful parallel computing capability of quantum computers poses a serious threat to public key cryptographic algorithms. This means that once a quantum computer is physically implemented, technical support will be provided for cracking RSA passwords.
Quantum communication is a novel interdisciplinary developed in recent years, and is a novel field combining quantum theory and information theory. Fig. 3 is a quantum communication system model.
Quantum communication takes photon or entangled photon pairs as physical carriers of communication, takes photon polarization, phase equivalent molecular attributes as information coding objects, realizes safe Quantum Key Distribution (QKD) between two communication parties, and realizes safe secret communication by using one-time secret password on the basis. Fig. 5 is a general structure of quantum secret communication.
Quantum communication processes can be divided into quantum key distribution and secure communication.
The security of quantum key distribution is derived from basic principles of quantum mechanics, including hessianburg uncertainty principle, quantum unclonable law, measurement collapse theory and the like.
The quantum key distribution solves the problem of key real-time distribution, and lays a good foundation for the application of one-time-pad passwords. Quantum communication with quantum key distribution and 'one-time pad' as cores not only meets the requirements of secret communication in the future quantum computer age at present.
Because of the importance of secret communication in national security and national economy, the concept of quantum communication has been widely focused once proposed. The global scientific research institutions greatly develop the theory and experimental study of quantum communication under the funding of governments of various countries, and the vigorous development of the quantum communication industry is greatly promoted.
The quantum relay can realize relay transmission of quantum signals and can effectively prolong the transmission distance of quantum communication.
The trusted relay scheme is a scheme for extending the transmission distance of quantum communication.
The trusted relay is that the two communication parties firstly establish a secret key with the intermediate node which is considered to be safe, and then realize the secret key sharing of the two communication parties in a secret key encryption transmission mode. Therefore, a user can divide a long-distance quantum communication link into a plurality of small segments, the end point of each segment is a trusted relay, a secret key is generated between two adjacent end points through a quantum secret key distribution technology, the secret key is transmitted segment by utilizing one-time secret and safety identity authentication, and finally the transmission of the secret key from one end of the link to the other end is realized. Alice performs quantum key distribution in advance of the trusted relay 1, shares a group of keys K1, performs quantum key distribution on the trusted relay 1 and the trusted relay 2, shares a group of keys K2, performs quantum key distribution on the trusted relay 2 and shares a group of keys K3, wherein the lengths of K1, K2 and K3 are the same, so that if Alice wants to send a group of keys K1 or information M to Bob, K or M can be encrypted by using K1, and is safe and trusted to the trusted relay 2, and the safety of the whole transmission process can be ensured. On this basis, a communication link consisting of N trusted relays can be easily extended. Trusted relay requires that the relay point must be secure and trusted.
The trusted relay node is a base station capable of carrying out classical communication and quantum communication with peripheral users Alice or Bob, wherein classical network communication equipment and quantum communication equipment are included in the base station, key distribution, key sharing and key management can be carried out with users, and the key management equipment can carry out classical network communication with a KMS. The processing of computer networks has a very great influence on the interconnection quality of the networks, and is mainly determined by routers in terms of technical processing. In terms of routing technology, there are mainly two basic activities, one is how to select an optimal path, and the other is how to transmit a data packet.
The processing of computer networks has a very great influence on the interconnection quality of the networks, and is mainly determined by routers in terms of technical processing. In terms of routing technology, there are mainly two basic activities, one is how to select an optimal path, and the other is how to transmit a data packet.
In a computer network, the routing table or routing domain information base (RIB) is a spreadsheet (file) or class database stored in a router or networked computer. The routing table stores paths (and in some cases, also the routing metric values of the paths) that point to particular network addresses. The routing table contains topology information of the periphery of the network. The main objective of the routing table set-up is to implement routing protocols and static routing.
Routing refers to the network-wide process of determining an end-to-end path as a packet travels from a source to a destination. The routing operates in the OSI reference model layer three, packet forwarding devices at the network layer. Routers implement network interconnections by forwarding packets. The router decides the output port and the next address according to the network layer address in the received data packet and the routing table maintained in the router, and rewrites the link layer data packet header to realize the forwarding of the data packet. The router reflects the current network topology by dynamically maintaining a routing table and maintains the routing table by exchanging routing and link information with other routers on the network. Routing refers to the process in which a router receives a packet from one interface, directs and forwards the packet to another interface according to the destination address of the packet.
Routing involves determining the best path and transmitting information through the network.
The optimal path is determined, so that time and network resources can be saved, and information transmission is smoother.
The routing table has a static routing table and a dynamic routing table.
The fixed routing table set in advance by the system administrator is called a static routing table, and is generally preset according to the configuration condition of the network when the system is installed, and will not change with the change of the future network structure.
The dynamic routing table is a routing table automatically adjusted by the router according to the operation condition of the network system.
Classical network routing nodes are typically routers or switches that forward only data, not data, and information between users is routed through routers.
In the prior art:
km is a trusted relay node, stores and manages keys, collects status information, and performs classical network communication with KMS;
a, B, C, D, E, F and G are classical network communication, information collected by KM is transmitted, and instructions are transmitted;
a1, A2, A3, A4, A5, A6 are quantum communication link layers;
qkdm 1, qkdm 01, qkdm 2, qkdm 02, qkdm 3, qkdm 03, qkdm 4, qkdm 04, qkdm 5, qkdm 05, qkdm 6, qkdm 06, generating a key.
RR is a classical router, QR quantum encryption router, through which information of QKD devices is transmitted to the classical router.
The routing table is established by a routing server, the routing server periodically collects network topology information reported by each KM node, determines whether the network topology information of the node is reserved according to the relation between the key quantity of each KM node and the minimum key quantity (minimum key quantity required by one-time communication), and then connects all the reserved network topology information to form the routing table.
Disclosure of Invention
In order to solve the technical problems, a dynamic route generation framework and a method for key management of a quantum secret communication network are provided, which reduce information interaction between KM and KM, quicken the transmission rate of keys and save the cost of network layout equipment.
In order to achieve the above purpose, the technical scheme adopted by the invention is as follows:
a key management dynamic route generation network architecture comprising Alice, bob, KM, KMS and QKD;
alice is a sender user, and Bob is a receiver user;
KMS is an information routing server;
KM is a trusted relay node for storing and managing key information of Alice and QKD and collecting Alice and QKD status information;
the Alice, the KM and the Bob respectively communicate with the KMS through a classical network and report information, and after receiving the report information, the KMS establishes a network topological relation to generate a dynamic routing table;
wherein a plurality of KMs are arranged, namely KM1, KM2, KM3 … …, KMn and KMn+1;
the KM1, KM2, KM3 … …, KMn and KMn+1 are sequentially connected through a classical network;
the Alice, the Bob and the KM are provided with one or more QKD, the Alice, the Bob and the KM communicate with each other through a classical network, and the QKD communicated with each other through a quantum channel;
any two communicated Alice, bob and KM all have one party for generating a quantum key K, and the other party receives the quantum key K to form key sharing between the two parties.
Preferably, the Alice end is provided with a source module and a modulation module, the source module generates plaintext key information M, and the modulation is used for modulating the key information M and a quantum key K generated by a QKD corresponding to the key information M to perform exclusive-or operation to obtain quantum key information mk.
Preferably, the Bob end is provided with a demodulation module and a detection module, the demodulation module utilizes the shared quantum key K to decrypt the received key information M 'K to obtain a plaintext key M', and the detection module receives the plaintext key M 'to detect and compare whether the received plaintext key M' is consistent with the key information M.
The key management dynamic route generation method is applied to the key management dynamic route generation network architecture, and comprises the following steps:
step 1-1: the KMS sets a minimum key quantity Kmin;
step 1-2: creating a thread X1 to process a KM node or a user request connection function, and generating single KM node network topology information;
step 1-3: creating a thread X2 to monitor all KM nodes or users;
step 1-4: and the KMS performs ordered connection on the network topology information of all KM nodes to generate a routing table.
Preferably, after generating the routing table, a KMS collects information sent by a KM node as follows:
step 2-1: the KMS sets a minimum key quantity Kmin;
step 2-2: the KM sends a connection request to the KMS, and the KMS agrees to connect and establishes a session;
step 2-3: the KM sends a local ID to the KMS, and the KMS binds the received ID with the established session;
step 2-4: the KM sends ID information of adjacent connection KM to the KMS;
step 2-5: the KMS receives ID information of the adjacent KM, and binds the adjacent KMID information with the established session;
step 2-6: the KM sends the existing key quantity K1 to the KMS.
Preferably, the KMS creation thread X1 processes the KM node request connection steps as follows:
step 3-1: the KMS waits and receives a KM node connection request, and establishes a session according to the request;
step 3-2: the KMS judges whether the system has abnormality, if so, the thread is exited, and if not, the step 3-1 is continued.
Preferably, the KMS creation thread X2 is further configured to monitor all KM nodes or user flows as follows:
step 4-1: the KMS receives a local ID of a KM node, and binds the session established in the step 3-1 with the ID of the KM;
step 4-2: the KMS receives all IDs of the KM node adjacent connection KM, and step 3-1 establishes a session and binds all IDs of the KM node adjacent connection KM;
step 4-3: the KMS collects the existing key quantity K reported by KM and judges whether K is more than or equal to Kmin;
if the network topology information is greater than or equal to Kmin, the KMS adds network topology information of a node according to the information collected from the KM node;
otherwise, the node does not establish the network topology information and cancels the previously established network topology information;
step 4-4: the KMS judges whether the system has abnormality, if yes, the thread is exited, and if not, the step 4-1 is skipped.
Preferably, kmin is KM and KM, and the minimum key amount required for one communication between the user and KM.
The beneficial technical effects of the invention are as follows: the invention discloses a key management dynamic route generation method based on a quantum secret communication network, which is characterized in that according to the change of the quantum key quantity between KM nodes or adjacent connection relations of users and KM nodes of the quantum secret communication network, network topology information of a single node and adjacent connection KM or users is formed, the KMS connects the network topology information of all nodes to form topology information of the whole network, a route table is generated, and the transmission rate of information on the network is accelerated.
Drawings
FIG. 1 is a quantum communication system model;
FIG. 2 is a secure communication system model;
FIG. 3 is a general structure of quantum secure communications;
FIG. 4 is a block diagram of an architecture for an implementation of the present invention;
FIG. 5 is a general workflow diagram of the route generation method of the present invention;
fig. 6 is a diagram of a KM and KMs information interaction process of the present invention;
FIG. 7 is a workflow of the KMS forming a route;
FIG. 8 is a flowchart of KMS creation thread X1 processing a KM node request connection function;
fig. 9 monitors all KM node flows for KMS creation thread X2.
Detailed Description
The present invention will be further described in detail with reference to the following examples, for the purpose of making the objects, technical solutions and advantages of the present invention more apparent, but the scope of the present invention is not limited to the following specific examples.
Fig. 1 is a model of a quantum communication system, the source being a physical carrier for generating quantum states. The channel of quantum communication consists of two parts, namely a quantum channel and a classical channel. The modulation and demodulation of the quantum state mainly comprises polarization state modulation and detection, phase modulation and detection and light intensity modulation. Quantum channels are used for the transmission of quantum states, and carriers of which are typically molecules, atoms, photons, and the like. Classical channels are used for data exchange, synchronization and other operations between two communication parties, and the internet, local area network or point-to-point direct connection data communication link can be used as classical channels. Quantum communication mostly adopts single photon or entangled photon pair as physical carrier of information, and its intensity is single photon magnitude.
Fig. 2 is a secure communication system model. The secret communication process mainly involves a sender, a receiver and an eavesdropper; the sender is Alice, the receiver is Bob, the eavesdropper is eve. The information sent by the sender is plaintext M, the key source generates a key, the key is used for encrypting the key to obtain ciphertext C, the ciphertext C is transmitted, the receiver acquires the encryption key through a private channel, decrypts the received ciphertext, and the plaintext is sent to the receiver, so that the communication process is completed.
Fig. 3 is a general structure of quantum secret communication. The sender is Alice, the receiver is Bob, the QKD generates a key, the key is provided for Alice to encrypt communication information, the key is transmitted to Bob through a classical network, key synchronization is realized through the QKD network sender and the receiver, bob decrypts the information by using the same key, and the communication encrypts and decrypts the information by using one set of key at a time, so that safe and reliable communication is realized.
In particular, as shown in fig. 4-9, a key management dynamic route generation network architecture, including Alice, bob, KM, KMS and QKD;
alice is a sender user, and Bob is a receiver user;
KMS is an information routing server;
KM is a trusted relay node for storing and managing key information of Alice and QKD and collecting Alice and QKD status information;
the Alice, the KM and the Bob respectively communicate with the KMS through a classical network and report information, and after receiving the report information, the KMS establishes a network topological relation to generate a dynamic routing table;
wherein a plurality of KMs are arranged, namely KM1, KM2, KM3 … …, KMn and KMn+1;
the KM1, KM2, KM3 … …, KMn and KMn+1 are sequentially connected through a classical network;
the Alice, the Bob and the KM are provided with one or more QKD, the Alice, the Bob and the KM communicate with each other through a classical network, and the QKD communicated with each other through a quantum channel;
any two communicated Alice, bob and KM all have one party for generating a quantum key K, and the other party receives the quantum key K to form key sharing between the two parties.
Specifically, the Alice end and the Bob end are both provided with a source module and a modulation module, the source module generates plaintext key information M, and the modulation is used for modulating and performing exclusive-or operation on the key information M and a quantum key K generated by the corresponding QKD to obtain new key information M.
Preferably, the Alice end and the Bob end are further provided with a demodulation module and a detection module, the demodulation module utilizes the shared quantum key K to decrypt the received key information and wait until the key information reaches the plaintext key M ', and the detection module receives the plaintext key M' to detect and compare whether the received key information is consistent with the key information M. The modulation and demodulation of the modulation module and the demodulation module mainly comprise polarization state modulation and detection, phase modulation and detection and light intensity modulation and detection.
The Alice end and the Bob end can be used as a transmitting end and a receiving end.
The above devices form a key management dynamic route architecture, and a key management dynamic route generation method is formed by using the architecture, and the dynamic route generation method comprises the following steps:
step 1-1: the KMS sets a minimum key quantity Kmin, wherein the Kmin is the minimum key quantity required by two KMs and communication between a user and the KMs once, and the user is Alice or Bob;
step 1-2: creating a thread X1 to process a KM node or a user request connection function, and generating single KM node network topology information;
step 1-3: creating a thread X2 to monitor all KM nodes or users;
step 1-4: and the KMS performs ordered connection on the network topology information of all KM nodes to generate a routing table.
Preferably, after generating the routing table, a KMS collects information sent by a KM node as follows:
step 2-1: the KMS sets a minimum key quantity Kmin;
step 2-2: the KM sends a connection request to the KMS, and the KMS agrees to connect and establishes a session;
step 2-3: the KM sends a local ID to the KMS, and the KMS binds the received ID with the established session;
step 2-4: the KM sends ID information of adjacent connection KM to the KMS;
step 2-5: the KMS receives ID information of the adjacent KM, and binds the adjacent KMID information with the established session;
step 2-6: the KM sends the existing key quantity K1 to the KMS.
The above steps may also replace KM with either user side Alice or Bob.
Preferably, the KMS creation thread X1 processes the KM node request connection steps as follows:
step 3-1: the KMS waits and receives a KM node connection request, and establishes a session according to the request;
step 3-2: the KMS judges whether the system has abnormality, if so, the thread is exited, and if not, the step 3-1 is continued.
Preferably, the KMS creation thread X2 is further configured to monitor all KM nodes or user flows as follows:
step 4-1: the KMS receives a local ID of a KM node, and binds the session established in the step 3-1 with the ID of the KM;
step 4-2: the KMS receives all IDs of the KM node adjacent connection KM, and step 3-1 establishes a session and binds all IDs of the KM node adjacent connection KM;
step 4-3: the KMS collects the existing key quantity K reported by KM and judges whether K is more than or equal to Kmin;
if the network topology information is greater than or equal to Kmin, the KMS adds network topology information of a node according to the information collected from the KM node;
otherwise, the node does not establish the network topology information and cancels the previously established network topology information;
step 4-4: the KMS judges whether the system has abnormality, if yes, the thread is exited, and if not, the step 4-1 is skipped.
The above steps may also replace KM with either user side Alice or Bob.
Variations and modifications to the above would be obvious to persons skilled in the art to which the invention pertains from the foregoing description and teachings. Therefore, the invention is not limited to the specific embodiments disclosed and described above, but some modifications and changes of the invention should be also included in the scope of the claims of the invention. In addition, although specific terms are used in the present specification, these terms are for convenience of description only and do not constitute any limitation on the invention.
Claims (3)
1. A key management dynamic route generation network architecture for quantum communications, comprising Alice, bob, KM, KMS and QKD;
alice is a sender user, and Bob is a receiver user;
KMS is an information routing server;
KM is a trusted relay node for storing and managing key information of Alice and QKD and collecting Alice and QKD status information;
the Alice, the KM and the Bob respectively communicate with the KMS through a classical network and report information, and after receiving the report information, the KMS establishes a network topological relation to generate a dynamic routing table;
wherein a plurality of KMs are arranged and are sequentially connected through a classical network;
the Alice, the Bob and the KM are provided with one or more QKD, the Alice, the Bob and the KM communicate with each other through a classical network, and the QKD communicated with each other through a quantum channel;
any two communicated Alice, bob and KM all have one party for generating a quantum key K, and the other party receives the quantum key K to form key sharing between the two parties;
the key management dynamic route generation network architecture performs dynamic route generation by the following steps:
step 1-1: the KMS sets a minimum key quantity Kmin;
step 1-2: creating a thread X1 to process a KM node or a user request connection function, and generating single KM node network topology information;
step 1-3: creating a thread X2 to monitor all KM nodes or users;
step 1-4: the KMS performs ordered connection on network topology information of all KM nodes to generate a routing table;
after generating the routing table, a KMS collects information sent by a KM node as follows:
step 2-1: the KMS sets a minimum key quantity Kmin;
step 2-2: the KM sends a connection request to the KMS, and the KMS agrees to connect and establishes a session;
step 2-3: the KM sends a local ID to the KMS, and the KMS binds the received ID with the established session;
step 2-4: the KM sends ID information of adjacent connection KM to the KMS;
step 2-5: the KMS receives ID information of the adjacent KM, and binds the adjacent KM ID information with the established session;
step 2-6: the KM sends the existing key quantity K1 to the KMS;
the KMS creation thread X1 processes the KM node request connection steps as follows:
step 3-1: the KMS waits and receives a KM node connection request, and establishes a session according to the request;
step 3-2: the KMS judges whether the system is abnormal or not, if so, the thread is exited, and if not, the step 3-1 is continuously executed;
KMS creation thread X2 monitors all KM nodes or user flows as follows:
step 4-1: the KMS receives a local ID of a KM node, and binds the session established in the step 3-1 with the ID of the KM;
step 4-2: the KMS receives all IDs of the KM node adjacent connection KM, and step 3-1 establishes a session and binds all IDs of the KM node adjacent connection KM;
step 4-3: the KMS collects the existing key quantity K reported by KM and judges whether K is more than or equal to Kmin;
if the network topology information is greater than or equal to Kmin, the KMS adds network topology information of a node according to the information collected from the KM node;
otherwise, the node does not establish the network topology information and cancels the previously established network topology information;
step 4-4: the KMS judges whether the system is abnormal or not, if so, the KMS exits the thread, and if not, the KMS jumps to the step 4-1;
the Kmin is the minimum key amount required for communication between KM and between KM and KM.
2.A key management dynamic route generation network architecture for quantum communications according to claim 1,
the Alice terminal is provided with a source module and a modulation module, the source module generates plaintext key information M, and the modulation module is used for carrying out exclusive OR operation on the key information M and a quantum key K generated by the corresponding QKD to obtain quantum key information Mk.
3.A key management dynamic route generation network architecture for quantum communications according to claim 1,
the Bob end is provided with a demodulation module and a detection module, the demodulation module utilizes the shared quantum key K to decrypt the received quantum key information M and the received quantum key information M to obtain a plaintext key M ', and the detection module receives the plaintext key M ' to detect and compare the plaintext key M ' with the key information M.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011643064 | 2020-12-31 | ||
| CN2020116430645 | 2020-12-31 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114362938A CN114362938A (en) | 2022-04-15 |
| CN114362938B true CN114362938B (en) | 2024-01-30 |
Family
ID=81103125
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111630087.7A Active CN114362938B (en) | 2020-12-31 | 2021-12-28 | Quantum communication key management dynamic route generation network architecture and method |
| CN202123349381.9U Active CN218336048U (en) | 2020-12-31 | 2021-12-28 | Secret key management dynamic route generation network architecture for quantum communication |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202123349381.9U Active CN218336048U (en) | 2020-12-31 | 2021-12-28 | Secret key management dynamic route generation network architecture for quantum communication |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN114362938B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116192281B (en) * | 2023-04-26 | 2024-02-23 | 军事科学院系统工程研究院网络信息研究所 | Quantum communication-based network topology control method |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011039503A2 (en) * | 2009-09-29 | 2011-04-07 | Qinetiq Limited | Methods and apparatus for use in quantum key distribution |
| CN103001875A (en) * | 2013-01-07 | 2013-03-27 | 山东量子科学技术研究院有限公司 | Quantum cryptography network dynamic routing method |
| CN108111305A (en) * | 2017-12-29 | 2018-06-01 | 华南师范大学 | The converged network access system and method for polymorphic type quantum terminal compatibility |
| CN109995510A (en) * | 2017-12-29 | 2019-07-09 | 成都零光量子科技有限公司 | A kind of quantum key relay services method |
-
2021
- 2021-12-28 CN CN202111630087.7A patent/CN114362938B/en active Active
- 2021-12-28 CN CN202123349381.9U patent/CN218336048U/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011039503A2 (en) * | 2009-09-29 | 2011-04-07 | Qinetiq Limited | Methods and apparatus for use in quantum key distribution |
| CN103001875A (en) * | 2013-01-07 | 2013-03-27 | 山东量子科学技术研究院有限公司 | Quantum cryptography network dynamic routing method |
| CN108111305A (en) * | 2017-12-29 | 2018-06-01 | 华南师范大学 | The converged network access system and method for polymorphic type quantum terminal compatibility |
| CN109995510A (en) * | 2017-12-29 | 2019-07-09 | 成都零光量子科技有限公司 | A kind of quantum key relay services method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114362938A (en) | 2022-04-15 |
| CN218336048U (en) | 2023-01-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110581763B (en) | Quantum key service block chain network system | |
| WO2016206498A1 (en) | First quantum node, second quantum node, secure communications architecture system, and method | |
| US8964989B2 (en) | Method for adding nodes to a quantum key distribution system | |
| WO2019128753A1 (en) | Quantum key mobile service method with low delay | |
| TW201633742A (en) | Quantum key distribution system, method and apparatus based on trusted relay | |
| CN108540436B (en) | Communication system and communication method for realizing information encryption and decryption transmission based on quantum network | |
| US11212265B2 (en) | Perfect forward secrecy (PFS) protected media access control security (MACSEC) key distribution | |
| CN108847928B (en) | Communication system and communication method for realizing information encryption and decryption transmission based on group type quantum key card | |
| CN107147492A (en) | A kind of cipher key service System and method for communicated based on multiple terminals | |
| CN208986966U (en) | A kind of ciphering terminal and corresponding data transmission system | |
| CN110808834B (en) | Quantum key distribution method and quantum key distribution system | |
| Geihs et al. | The status of quantum-key-distribution-based long-term secure internet communication | |
| CN113489586B (en) | VPN network system compatible with quantum key negotiation | |
| CN111669270A (en) | Quantum encryption transmission method and device based on label switching | |
| CN111342952A (en) | Safe and efficient quantum key service method and system | |
| CN102088352A (en) | Data encryption transmission method and system for message-oriented middleware | |
| Mehic et al. | Quantum cryptography in 5g networks: A comprehensive overview | |
| CN114362938B (en) | Quantum communication key management dynamic route generation network architecture and method | |
| Cao et al. | Experimental demonstration of end-to-end key on demand service provisioning over quantum key distribution networks with software defined networking | |
| Takahashi et al. | A high-speed key management method for quantum key distribution network | |
| Kayem et al. | Key management for secure demand data communication in constrained micro-grids | |
| CN114362939B (en) | Dynamic route forwarding method, storage device and intelligent terminal based on trusted relay quantum secret communication network | |
| CN114401085B (en) | Network architecture and key storage method of quantum secret communication network | |
| Wang et al. | A segment-based multipath distribution method in partially-trusted relay quantum networks | |
| CN112235318B (en) | Metropolitan area network system for realizing quantum security encryption |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |